Windows¼ÓÃÜ¿âSymCryptËÀËø·ì϶£¬£¬£¬£¬£¬£¬£¬¿Éͨ¹ý¶ñÒâÖ¤Êé´¥·¢DoS£»£» £»£»£»£»£»·É»úÁ㲿¼þ³§ÉÌASCOÔâÀÕË÷Èí¼þ¹¥»÷£¬£¬£¬£¬£¬£¬£¬²¿Ãʤ³§ÒѹعØ

°ä²¼¹¦·ò 2019-06-13
1¡¢Î¢Èí°ä²¼6ÔÂWindows°²È«¸üУ¬£¬£¬£¬£¬£¬£¬½¨¸´88¸ö·ì϶

8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website
 
΢ÈíÔÚ6ÔµÄWindows°²È«¸üÐÂÖн¨¸´ÁË88¸ö·ì϶£¬£¬£¬£¬£¬£¬£¬ÆäÖÐÔ̺¬SandboxEscaper֮ǰÅû¶µÄ4¸ö¹«¿ªµÄ0day£¨Windows InstallerÌáȨ·ì϶CVE-2019-0973¡¢Windows ShellÌáȨ·ì϶CVE-2019-1053¡¢CVE-2019-0841µÄ²¹¶¡ÈƹýÌáȨ·ì϶CVE-2019-1064ÒÔ¼°´òË㹤×÷ÌáȨ·ì϶CVE-2019-1069£©¡£ ¡£¡£¡£¡£¡£´Ë±í£¬£¬£¬£¬£¬£¬£¬Î¢Èí»¹°ä²¼ÁËÕë¶ÔµÚÈý·½Èí¼þÓ²¼þ·ì϶½¨¸´µÄËÄÌõ°²È«²¼¸æºÍÕë¶ÔExchange ServerµÄÉî¶È°²È«¸üС£ ¡£¡£¡£¡£¡£ÆëÈ«²¹¶¡ÁбíÇë²Î¿¼ÒÔÏÂÁ´½Ó¡£ ¡£¡£¡£¡£¡£

Ô­ÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/microsoft/microsofts-june-2019-patch-tuesday-fixes-88-vulnerabilities/

2¡¢Ó¢Ìضû°ä²¼NUCÌ×¼þ¼°RWC3°²È«¸üУ¬£¬£¬£¬£¬£¬£¬½¨¸´¶à¸öÑϳÁ·ì϶

8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website
 
Ó¢ÌØ¶û½¨¸´ÃÔÄãPC NUCÌ×¼þ¼°Windows RAID Web½ÚÔį̀£¨RWC3£©ÖеĶà¸ö°²È«·ì϶¡£ ¡£¡£¡£¡£¡£ÆäÖÐRAIDÈí¼þÖн¨¸´µÄµ¥¸ö·ì϶ÑϳÁÐÔ×î¸ß£¬£¬£¬£¬£¬£¬£¬¸Ã·ì϶£¨CVE-2019-11119£©µÄCVSSÆÀ·ÖΪ8.9·Ö£¬£¬£¬£¬£¬£¬£¬¿ÉÔÊÐíδ¾­Éí·ÝÑéÖ¤µÄÔ¶³Ì¹¥»÷Õß½øÐÐÌáȨ¡£ ¡£¡£¡£¡£¡£¸Ã·ì϶Óë·þÎñAPIÖв»×ã»á»°ÑéÖ¤Óйأ¬£¬£¬£¬£¬£¬£¬Ó°ÏìÁË4.186¼°¸üÔçµÄ°æ±¾¡£ ¡£¡£¡£¡£¡£´Ë±í£¬£¬£¬£¬£¬£¬£¬Ó¢ÌضûÔÚNUCÌ×¼þµÄ¹Ì¼þ¸üÐÂÖн¨¸´Á˶à¸ö¿Éµ¼ÖÂÌáȨ¡¢DoS¼°ÐÅϢй¶µÄ·ì϶£¬£¬£¬£¬£¬£¬£¬²¨¼°39¸ö²úÆ·¡£ ¡£¡£¡£¡£¡£

Ô­ÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/security/intel-updates-nuc-bios-raid-soft-to-patch-high-severity-bugs/

3¡¢Windows¼ÓÃÜ¿âSymCryptËÀËø·ì϶£¬£¬£¬£¬£¬£¬£¬¿Éͨ¹ý¶ñÒâÖ¤Êé´¥·¢DoS

8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website
 
¹È¸è×êÑÐÈËÔ±Tavis OrmandyÔÚWindowsÖØÒª¼ÓÃÜ¿âSymCryptÖз¢ÏÖÒ»¸ö·ì϶£¬£¬£¬£¬£¬£¬£¬¸Ã·ì϶¿ÉÔÊÐí¹¥»÷ÕßÔÚWin 8¼°¸ü¸ß°æ±¾µÄ·þÎñÆ÷ÉÏ´¥·¢DoS¡£ ¡£¡£¡£¡£¡£OrmandyʹÓÃÌØÔìµÄX.509Êý×ÖÖ¤Êé²âÊÔÁ˸÷ì϶£¬£¬£¬£¬£¬£¬£¬¸ÃÖ¤ÊéÎÞ·¨ÊµÏÖÑéÖ¤¹ý³Ì£¬£¬£¬£¬£¬£¬£¬²¢»áÔÚ·þÎñÆ÷ÉÏ´¥·¢ËÀËø¡£ ¡£¡£¡£¡£¡£Ormandy°µÊ¾ÔÚÀûÓÃbcryptprimitives!SymCryptFdefModInvGenericÍÆËãÌØ¶¨Î»Ä£Ê½µÄÄ£ÄæÔªÊ±£¬£¬£¬£¬£¬£¬£¬½«µ¼ÖÂËÀÑ­»·¡£ ¡£¡£¡£¡£¡£¸Ã·ì϶¿ÉÔÊÐí¹¥»÷ÕßÔÚÖ°ºÎWindows·þÎñÆ÷£¨ÈçIPsec¡¢IISºÍExchange Server£©ÉÏ´¥·¢DoS¡£ ¡£¡£¡£¡£¡£Î¢ÈíδÄÜÔÚ90ÌìÄÚ½¨¸´¸Ã·ì϶£¬£¬£¬£¬£¬£¬£¬Òò¶ø×êÑÐÈËÔ±Åû¶Á˸÷ì϶µÄÓйØÏ¸½Ú¡£ ¡£¡£¡£¡£¡£

Ô­ÎÄÁ´½Ó£ºhttps://www.bleepingcomputer.com/news/security/bad-cert-vulnerability-can-bring-down-any-windows-server/

4¡¢ÃÀDHSÖÒ¸æÀûÓÃDICOMҽѧӰÏñÎļþ°µ²Ø¶ñÒâ´úÂëµÄ¹¥»÷»î¶¯

8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website
 
6ÔÂ11ÈÕÃÀ¹úºÓɽ°²È«Êý£¨DHS£©ÖÒ¸æ³ÆDICOMҽѧӰÏñÎļþ¿É±»ÓÃÓÚ°µ²Ø¶ñÒâÈí¼þ¡£ ¡£¡£¡£¡£¡£DICOMÊÇÒ»ÖÖ¿í·ºÊ¹ÓõĹú¼Ê³ß¶È£¬£¬£¬£¬£¬£¬£¬ÓÃÓÚ´æ´¢¡¢´«Êä¡¢¼ìË÷¡¢´¦ÖúÍÏÔʾҽѧӰÏñÐÅÏ¢£¬£¬£¬£¬£¬£¬£¬¸Ã³ß¶È±»ÓÃÓÚÈ«ÇòÒ½ÔºµÄ³ÉÏñÉ豸£¨CT¡¢MR¡¢³¬Éù²¨£©¡¢³ÉÏñÐÅϢϵͳ£¨HIS¡¢RIS¡¢PACS£©ºÍ±íΧÉ豸£¨¹¤×÷Õ¾ºÍ3D´òÓ¡»ú£©Ö®ÖС£ ¡£¡£¡£¡£¡£Cylera×êÑÐÈËÔ±·¢ÏÖDICOMÎļþÍ·µÄÒ»¸ö128×Ö½Úǰµ¼Âë¿ÉÓÃÓÚ°µ²Ø¶ñÒâ´úÂ룬£¬£¬£¬£¬£¬£¬²¢°ä²¼Á˸÷ì϶£¨CVE-2019-11687£©µÄ¾ßÌåÐÅÏ¢ºÍPoC´úÂë¡£ ¡£¡£¡£¡£¡£

Ô­ÎÄÁ´½Ó£ºhttps://www.securityweek.com/malware-can-be-hidden-dicom-medical-imaging-files-dhs-warns

5¡¢Lake CityÔâÀÕË÷Èí¼þTriple Threat¹¥»÷£¬£¬£¬£¬£¬£¬£¬ÊÐÕþ·þÎñÒÑÖжÏ

8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website
 
ƾ¾ÝLake City¾¯·½Ð¹Â©µÄÐÂÎÅ£¬£¬£¬£¬£¬£¬£¬¸ÃÊÐÓÚ5ÔÂ10ÈÕÔâµ½ÀÕË÷Èí¼þTriple Threat¹¥»÷£¬£¬£¬£¬£¬£¬£¬¹¥»÷ÕßʹÓÃÈýÖÖ·ÖÆçµÄ¹¥»÷²½ÖèÕë¶Ô¸ÃÊеÄÍøÂçϵͳ£¬£¬£¬£¬£¬£¬£¬µ¼Ö¸ÃÊеĵç×ÓÓʼþϵͳ¡¢¹Ì¶¨µç»°ºÍÐÅÓþ¿¨·þÎñ±»ÆÈ¹Ø¹Ø¡£ ¡£¡£¡£¡£¡£¾¯·½°µÊ¾Ô̺¬¾¯Ô±ºÍ»ð¾¯ÔÚÄÚµÄËùÓд¹Î£·þÎñ¶¼²»ÊÜÕâ´Î¹¥»÷ÊÂÎñµÄÓ°Ï죬£¬£¬£¬£¬£¬£¬¹«¹²°²È«ÍøÂçÒ²Òѱ»¸ôÀë²¢ÊܼÓÃܱ£»£» £»£»£»£»£»¤¡£ ¡£¡£¡£¡£¡£Ä¿Ç°»¹²»Ã÷ÏÔÊÇ·ñÓÐÈκÎÃô¸ÐÊý¾Ý±»ÀÄÓûòй¶£¬£¬£¬£¬£¬£¬£¬µ«³ÇÊÐÐÅÏ¢¼¼Êõ×ܼàBrian Hawkins³ÆÃ»ÓÐÖ§¸¶Êý¾ÝÊܵ½Ó°Ï죬£¬£¬£¬£¬£¬£¬ÓÉÓÚÕâЩÊý¾Ý¶¼ÊÇÓɵÚÈý·½¹©¸øÉÌ´æ´¢ÔÚÒìµØ¡£ ¡£¡£¡£¡£¡£

Ô­ÎÄÁ´½Ó£ºhttps://cyware.com/news/triple-threat-ransomware-attack-cripples-email-systems-and-services-of-lake-city-729e1f23

6¡¢·É»úÁ㲿¼þ³§ÉÌASCOÔâÀÕË÷Èí¼þ¹¥»÷£¬£¬£¬£¬£¬£¬£¬²¿Ãʤ³§ÒѹعØ

8827Ì«Ñô¼¯ÍÅ(Macau)¹É·ÝÓÐÏÞ¹«Ë¾-Official website
 
¾Ý±ÈÀûʱýÌ屨·£¬£¬£¬£¬£¬£¬£¬·É»úÁ㲿¼þ³§ÉÌASCOλÓÚ±ÈÀûʱÔú·ÒÌØÄ·µÄ¹¤³§ÔâÀÕË÷Èí¼þϰȾ£¬£¬£¬£¬£¬£¬£¬¸Ã¹«Ë¾ÒÑÖÕ³¡ÁËËĸö¹ú¶ÈµÄ¹¤³§³ö²ú¡£ ¡£¡£¡£¡£¡£¸ÃϰȾÊÂÎñ²úÉúÔÚ6ÔÂ7ÈÕÐÇÆÚÎ壬£¬£¬£¬£¬£¬£¬×î³õÓ°ÏìÁ˸ù«Ë¾Î»ÓÚ±ÈÀûʱµÄ¹¤³§£¬£¬£¬£¬£¬£¬£¬µ«ASCOÒ²¹Ø¹ØÁËλÓڵ¹ú¡¢¼ÓÄôóºÍÃÀ¹úµÄ¹¤³§¡£ ¡£¡£¡£¡£¡£¾Ý±¨Â·Í£»£» £»£»£»£»£»ú¹¦·òÔ¤¼ÆÎªÒ»ÖÜ£¬£¬£¬£¬£¬£¬£¬Ô̺¬¼´½«µ½À´µÄÖÜÄ©¡£ ¡£¡£¡£¡£¡£¸Ã¹«Ë¾²¢Î´Ð¹Â©¸ü¶àÐÅÏ¢£¬£¬£¬£¬£¬£¬£¬Ä¿Ç°Ò²²»ÖªÂ·ÀÕË÷Èí¼þµÄÃû³Æ¡£ ¡£¡£¡£¡£¡£ASCOÊÇÊÀ½çÉÏ×î´óµÄ·É»úÁ㲿¼þ³§ÉÌÖ®Ò»£¬£¬£¬£¬£¬£¬£¬Æä¿Í»§Ô̺¬¿Õ¿Í¡¢²¨ÒôÉõÖÁ¾üÓᢺ½¿ÕÁìÓòµÄ¹«Ë¾µÈ¡£ ¡£¡£¡£¡£¡£

Ô­ÎÄÁ´½Ó£ºhttps://www.zdnet.com/article/ransomware-halts-production-for-days-at-major-airplane-parts-manufacturer/